Global data privacy software innovator will use growth funding, led by GT Investment Partners and facilitated by Aon, to fuel customer success and expand global partnerships, sales, marketing, and industry education.

**NEW YORK CITY and BRUSSELS, October 19, 2022** — Anonos, provider of the only technology that resolves the conflict between data use and protection with 100% accuracy, today announced it has raised $50 million in growth financing backed by its intellectual property (IP) portfolio, facilitated by Aon (NYSE: AON) and led by GT Investment Partners (“Ghost Tree Partners”).

The company will use the growth funding to scale customer success and expand partnerships, sales and marketing for its Data Embassy® software platform, which powers secure data processing in untrusted environments with cleartext accuracy and speed for faster insights to achieve enterprise goals. This additional growth capital brings Anonos’ total funding to $70 million, including $20 million in prior funding led by Edison Partners.

Data Embassy uniquely combines patented statutory pseudonymization, synthetic data and other state-of-the-art privacy-enhancing computation techniques that make it easy for organizations to control the level of identifiable data that they process. Streamlined approvals and workflows mean more data can be approved faster for more use cases with lower risk – all while ensuring the highest level of compliance with the General Data Protection Regulation (GDPR), Schrems II and other global data privacy and security requirements.

“Data-driven enterprises haven’t been able to use their data assets to their fullest advantage because of privacy and security restrictions,” explained Gary LaFever, co-CEO and general counsel of Anonos. “Other vendors have attempted to resolve this issue, but we believe Anonos’ 10 years of R&D on Data Embassy is game-changing for organizations that depend on accessible yet compliant and uninterrupted data supply chains. The technology’s 26 granted international patents and more than 70 additional patent assets serve as the backbone of this financing that takes us to a new level of business execution.”

“Data Embassy is the only technology that eliminates the tradeoff between data protection and data utility,” added Ted Myerson, co-CEO and president of Anonos. “The significant value of our IP and its ability to solve such critical global data issues allowed us to work with Aon and Ghost Tree to secure growth financing. With the new funding, Anonos will increase awareness of our unique position within the market and highlight our capabilities to ensure the success of our growing customer base by accelerating their speed to insight.”

LaFever and Myerson have been business partners for more than 21 years. Their prior company, FTEN, was the fastest-growing software company on the Inc. 500 for two years in a row and was acquired by NASDAQ OMX in 2010 for integration into its 100+ global exchanges. The principles behind that technology, which re-linked data for risk management in securities trading, paved the way for development of Data Embassy and its ability to de-link data from both direct and indirect identifiers to obscure identity while enabling organizations to use more of their data for compliant analytics, artificial intelligence, machine learning, data sharing and data transfer.

Recognized as a Gartner Cool Vendor and a member of the World Economic Forum’s Global Innovators Community, Anonos makes data that otherwise would be restricted accessible to expand and expedite strategic initiatives, so organizations can create more value and still be compliant with data privacy and security regulations. Data Embassy creates Variant Twins®: source data that has been transformed into new, statutorily pseudonymized and 100% accurate data assets authorized for specific use cases. Because Variant Twins are embedded with multi-level data privacy and security controls that are technologically enforced, they can travel anywhere. Controlled relinking to the original data accelerates speed to insights for innovation, competitive differentiation and operational efficiency among other benefits, but that process can only occur with the addition of other data held separately by the data controller or an authorized party.

“Innovation is the key to a growth economy, but intangible assets are the foundation. That is why we are bringing unique solutions to the market to help IP-rich companies like Anonos leverage the value of their intellectual property,” said Lewis Lee, CEO of Aon’s Intellectual Property Solutions. "We are excited to help companies of all sizes and industries unlock the value of these assets so they can further pursue their growth ambitions with options that can help prevent diluting their ownership."

“Anonos’ leadership team has a successful track record of making regulatory compliance a competitive advantage for its customers and anticipating needs at the intersection of law and technology to transform how industries approach data,” said Mark Fox, Managing Partner at Ghost Tree Partners. “We are excited to support their next phase of growth for wider adoption of statutory pseudonymization and other privacy-preserving technologies to maximize data value while ensuring compliant use.”

**Additional Resources**

● Read the S&P Market Intelligence Market Insight Report, October 2022

● Visit the Data Embassy Product Page

● Request a Data Embassy Product Briefing

**About Anonos**

Anonos is a global software company that provides the only technology capable of protecting data in use with 100% accuracy, even in untrusted environments, making otherwise restricted assets accessible to expand and expedite data-driven initiatives. Its patented Data Embassy platform transforms source data into Variant Twins: non-identifiable yet 100% accurate data assets for specific use cases. Because multi-level data privacy and security controls are embedded into the data and technologically enforced, Variant Twins can travel anywhere – across departments, outside the enterprise, or around the globe. Therefore, data protection teams and data users can collaborate to advance projects for capturing valuable insights without compromising privacy, security, accuracy or speed. Anonos. Data without the drama. To learn more, visit www.anonos.com or follow us on LinkedIn.

**About Aon**

Aon plc (NYSE: AON) exists to shape decisions for the better — to protect and enrich the lives of people around the world. Our colleagues provide our clients in over 120 countries with advice and solutions that give them the clarity and confidence to make better decisions to protect and grow their business.  

**About Ghost Tree Partners**

Headquartered in Irvine, CA, Ghost Tree Partners is an alternative asset manager focused on providing private credit financing solutions to small and middle-market borrowers in the US, Europe and Asia. Founded in 2021, the firm is led by Mark Fox, Scott Warner, Jeff Willardson and David Byrne, who combine for over 85 years of investment experience with Goldman Sachs, Bain Capital Credit, Fidelity and PAAMCO Prisma (KKR affiliate). The team has invested billions of dollars on behalf of the world’s most sophisticated investors throughout their careers. Ghost Tree’s private credit financing solutions include corporate cash flow loans, specialty finance, asset backed lending and real estate bridge loans.

Anonos Secures $50 Million in IP-Backed Financing to Deliver Data Privacy Technology with 100% Accuracy and Utility to Data-Driven Enterprises

Product brings together workload and infrastructure security into a single platform to provide a unified approach to protecting cloud environments.

NEW YORK, Oct. 19, 2022 /PRNewswire/ —- Datadog, Inc. (NASDAQ: DDOG), the monitoring and security platform for cloud applications, today announced the general availability of Cloud Security Management. This product brings together capabilities from Cloud Security Posture Management (CSPM), Cloud Workload Security (CWS), alerting, incident management and reporting in a single platform to enable DevOps and Security teams to identify misconfigurations, detect threats and secure cloud-native applications.

As organizations' cloud architectures become more complex, assessing security risks and collaborating across teams to mitigate them has become increasingly difficult. While security engineers are responsible for identifying threats and misconfigurations, DevOps teams are responsible for remediating them. DevOps and security teams often use multiple point solutions and tools to report on and resolve issues, but these tools provide an incomplete view of security risks and create silos between teams.

Datadog's Cloud Security Management brings together observability and security insights across an organization's entire cloud environment—without the need to deploy additional agents. This shared context provides security engineers with deeper insights to collaborate with DevOps teams and more quickly remediate security issues.

"Tight collaboration between security and DevOps teams is required to mitigate security risks in today's environments. This change has been brought on by the move to the cloud. Security teams today cannot take countermeasures alone without potentially impacting the performance and reliability of production systems," said Prashant Prahlad, VP of Product at Datadog. "Datadog Cloud Security Management helps these teams work together to remediate issues quickly by providing a single platform—as opposed to multiple point solutions—that delivers a complete view of an organization's infrastructure and risk exposure."

"Using Cloud Security Management was like having a member of the InfoSec team embedded within our DevOps team," said Chad Upton, Vice President of Infrastructure at FirstUp. "All the security metrics were front and center so they could easily see the number of misconfigured resources in a single view and they didn't have to wait for someone from InfoSec to reach out and let them know there was an issue."

"Because Datadog Cloud Security Management shows observability and security data together, alongside the resource relationship graph, we were able to remove cloud resources that were no longer in use and easily understand the impact of misconfigured cloud resources by visualizing all dependencies," said Ben Collen, Senior Director of Engineering and CISO at Vertex.

Cloud Security Management expands on the foundational capabilities of cloud security posture management and cloud workload security of a CNAPP solution through:

*   **Resource Relationship Graph:** By providing a visual risk assessment of misconfigured resources and vulnerabilities across an organization's cloud infrastructure, DevOps teams can take remedial actions based on the impact of the risk.
*   **Custom Detection Rules:** Teams can now create fine-grained threat detection rules across all cloud resources—including their associated logs and security incident events.
*   **Resource Catalog (Beta):** Engineers can access a comprehensive visual representation of all security risks associated with each cloud resource in a customer's environment and identify the owners of every cloud infrastructure resource to remediate vulnerabilities and misconfigurations.

Cloud Security Management is generally available now. To learn more, please visit: https://www.datadoghq.com/product/cloud-security-management/.

**About Datadog  
**Datadog is the monitoring and security platform for cloud applications. Our SaaS platform integrates and automates infrastructure monitoring, application performance monitoring and log management to provide unified, real-time observability of our customers' entire technology stack. Datadog is used by organizations of all sizes and across a wide range of industries to enable digital transformation and cloud migration, drive collaboration among development, operations, security and business teams, accelerate time to market for applications, reduce time to problem resolution, secure applications and infrastructure, understand user behavior and track key business metrics.

**Forward-Looking Statements**

This press release may include certain "forward-looking statements" within the meaning of Section 27A of the Securities Act of 1933, as amended, or the Securities Act, and Section 21E of the Securities Exchange Act of 1934, as amended including statements on the benefits of new products and features. These forward-looking statements reflect our current views about our plans, intentions, expectations, strategies and prospects, which are based on the information currently available to us and on assumptions we have made. Actual results may differ materially from those described in the forward-looking statements and are subject to a variety of assumptions, uncertainties, risks and factors that are beyond our control, including those risks detailed under the caption "Risk Factors" and elsewhere in our Securities and Exchange Commission filings and reports, including the Quarterly Report on Form 10-Q filed with the Securities and Exchange Commission on August 8, 2022, as well as future filings and reports by us. Except as required by law, we undertake no duty or obligation to update any forward-looking statements contained in this release as a result of new information, future events, changes in expectations or otherwise.

Datadog Launches Cloud Security Management to Provide Cloud Native Application Protection

Latest investment to broaden integrations with top firewall vendors.

OTTAWA, Ontario, Oct. 20, 2022 /PRNewswire-PRWeb/ — Corsa Security, leaders in scaling network security, announced today it has secured an additional $10 million in funding from Roadmap Capital. The funds will be used to propel product development of the Corsa Security Orchestrator (CSO) with industry leading features and to engage in key customer trials in multiple geographies. This follows the successful launch of the updated CSO earlier this year and continues the focus on providing dynamic scaling functionality for next-generation firewalls from leading vendors. In addition, the CSO will be specifically addressing the demand for a scalable 5G next-generation firewall through Corsa Security's proprietary clustering technology.

"We are continuing to stimulate our company's growth," said Eduardo Cervantes, CEO and Chairman, Corsa Security. "We are seeing more and more interest in the market as enterprises need easy-to-deploy on-premise network security that allows them to dynamically add virtual firewall capacity at the touch of a button. This funding allows us to further broaden our Corsa Security Orchestrator new features and integrations with top firewall vendors so we can bring our solution to even more customers."

The Corsa Security Orchestrator provides an intuitive interface to simplify all the complex operations associated with running on-premise virtual firewall instances, including licensing, deployment, maintenance, troubleshooting, and push-button scaling. It is designed to deploy, scale and optimize firewalls from leading vendors with tailored workflows that run on commodity compute. By integrating virtualization with intelligent orchestration, organizations can realize up to 9x lower TCO and speed their time to deployment by a factor of 24. The CSO also includes other powerful features to save customers time and money--it automates on?premise virtual firewall deployments, optimizes server resource allocation, and maximizes firewall license credits by scaling up firewalls when and if needed.

**About Corsa Security**

  
Corsa Security is the leader in automating network security virtualization, which helps large enterprises and service providers deploy, scale and optimize virtual on-premise firewalls with speed (24x faster deployment), simplicity (zero-touch operations) and savings (9x lower TCO). By tightly integrating firewall virtualization with intelligent orchestration, the Corsa Security Orchestrator provides an aggregated view of all your virtual firewalls while managing their infrastructure health, capacity and performance. Customers subscribe to the Corsa Security services based on their current needs and then pay as they grow by integrating flex licensing from our firewall partners. Learn how Corsa Security is revolutionizing network security at corsa.com.

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Corsa Security Drives Forward with Additional $10 Million Funding

New cloud data survey from the Cloud Security Alliance and BigID sheds light on the state of cloud data security in 2022.

NEW YORK, Oct. 20, 2022 /PRNewswire/ — BigID, the leading data intelligence platform that enables organizations to know their enterprise data and take action for privacy, security, and governance, today released the Cloud Data Security Research Report 2022, in partnership with Cloud Security Alliance (CSA) — with results from over 1,500 IT & Security professionals.

The results? According to the survey, organizations consider cloud data security a top 3 priority when protecting data - and cloud data security posture management (DSPM) is critical to addressing gaps.

Key findings include:

*   **Organizations are struggling with securing and tracking sensitive data in the cloud:** Only 4% believe all of their cloud data is sufficiently secured: over a quarter of organizations aren't tracking regulated data, nearly a third aren't tracking confidential or internal data, and 45% aren't tracking unclassified data.
*   **82% of organizations consider capturing dark data a moderate to high priority this year.** Additionally, 79% of organizations reported to have moderate to high levels of concern around the proliferation of dark data in their organization but are unsure about how to approach the challenge.
*   **SaaS Data needs to become a priority:** 76% of organizations rate tracking data across SaaS platforms as moderately to highly difficult.
*   **Organizations are utilizing multiple cloud platforms:** 86% of organizations utilize multiple cloud platforms to store their data- across IaaS, PaaS, and SaaS
*   **62% of organizations** report that they are likely to experience a cloud data breach in the next year.

"Cloud data security is top of mind for organizations of all sizes, showing that many organizations are unprepared to deal with the unique challenges of securing data in the cloud. With the rapid growth of cloud, it is essential that organizations take steps to improve their cloud data security posture," said Dimitri Sirota, CEO and co-founder at BigID. "This research underscores the value of solutions like BigID to accelerate cloud data security with a risk-based, data-first approach that can scale as data continues to expand across the multi-cloud."

To learn more, download a copy of BigID's Cloud Data Security Research Report 2022 today.

**Learn more:**

*   **Read** a summary of the survey at bigid.com/blog
*   **See** a live demo with our security experts at BigID

**Methodology**

The survey was conducted online by CSA in July 2022 and received 1663 responses from IT and security professionals from organizations of various sizes and locations.

**About BigID**

BigID enables organizations to know their enterprise data and take action for data-centric security, privacy, and governance. Companies deploy BigID to proactively discover, manage, protect, and get more value from their regulated, sensitive, and personal data across their data landscape. By applying next-gen ML across the data landscape, BigID's data security, privacy, and governance solutions enrich and extend the modern tech stack, making it easier than ever to discover dark data, reduce risk, accelerate cloud migrations, achieve compliance, and align with security frameworks by taking a data-first approach. Go big with the BigID Data Intelligence Platform or start small with SmallID: the first cloud-native, on-demand data-centric security solution designed to automatically discover, manage, and protect cloud data - across IaaS, PaaS, and SaaS.

Only 4% of Security and IT Leaders Believe All of Their Cloud Data is Sufficiently Secured

External attack surface management leader unveils evolution of risk intelligence solution, including a virtual sandbox environment to safely validate steps to remediation.

PALO ALTO, Calif., Oct. 20, 2022 /PRNewswire/ — CyCognito today announced the next generation of its Exploit Intelligence solution to help security teams prioritize and mitigate the most critical security risks in their external attack surface. Exploit Intelligence leverages CISA, FBI and other threat intelligence sources, including adversary activity, to create advisories that validate where threats in the wild align to risks in the organization.

Sandbox Virtual Lab, a key new feature of Exploit Intelligence, is the industry's first integrated external attack surface sandbox testing environment. Now security teams can simulate how an adversary would compromise a specific asset, quickly validating if and how a vulnerability can be exploited and the potential impact. Additionally, Sandbox Virtual Lab enables repeat asset testing to ensure proper patching.

This initial release of the Sandbox Virtual Lab focusses on Log4j because it remains a pervasive threat. In the coming months, Sandbox Virtual Lab will also support additional simulate Log4Shell, ProxyShell, ProxyLogon and ZeroLogon threats.

"CyCognito's Exploit Intelligence fills a gap between threat intel and vulnerability management," said Rob Gurzeev, CEO, CyCognito. "The addition of Exploit Intelligence doesn't just link vulnerabilities to specific assets, but answers the important question of why it is important to prioritize fixing specific assets immediately because of their attractiveness to active attackers."

Exploit Intelligence dramatically reduces Mean Time to Remediation (MTTR) of an organization's riskiest external assets, saving security teams time and money. CyCognito's unparalleled discovery and mapping engine paired now with integrated Exploit Intelligence gives security teams actionable knowledge (not just data feeds) to build, test and deploy fixes for today's most pervasive threats, such as Log4j.

Features and benefits include:

*   **Remediation Acceleration:** Exploit Intelligence quickly identifies highest-risk exploitable assets within an external attack surface, empowering security teams to reduce response and remediation timelines from months to days.
*   **Curated Intelligence:** Understand how threats are being actively executed by attackers in the wild and how those threats map to vulnerabilities in your attack surface.
*   **Quick Impact Assessment:** A focused map that paints a picture of all assets potentially at risk, including those assets that are already protected and those that remain vulnerable.
*   **Identify Ownership:** The CyCognito discovery engine determines asset ownership to quickly identify who is responsible for fixing vulnerable assets.
*   **Verify and Act with Confidence****:** Safely test exploits against assets in the Sandbox Virtual Lab to determine actual risk to an IT stack.
*   **Mitigate Threats Faster:** Integrates with SIEM/SOAR, ticketing tools and remediation workflows to provide evidence and mitigation guidance.

**About Cycognito  
**CyCognito solves one of the most fundamental business problems in cybersecurity: seeing how attackers view your organization, where they are most likely to break in, what systems and assets are at risk, and how you can eliminate the exposure. Founded by national intelligence agency veterans, CyCognito has a deep understanding of how attackers exploit blind spots and a path of least resistance. The Palo Alto-based company is funded by leading Silicon Valley venture capitalists, and its mission is to help organizations protect themselves from even the most sophisticated attackers. It does this with a category-defining, transformative platform that automates offensive cybersecurity operations to provide reconnaissance capabilities superior to those of attackers.

CyCognito Launches Next Generation of Exploit Intelligence Threat Remediation Platform

ICS/OT cybersecurity and asset monitoring vendor improves scalability and flexibility with new update.

CHANDLER, Ariz., Oct. 20, 2022 /PRNewswire/ — SynSaber, an early-stage ICS/OT cybersecurity and asset monitoring company, today announced the addition of a new Dynamic Pipeline feature to the company's platform, providing customers with improved scalability and flexibility.

Building upon the product launched in February 2022, this update includes a comprehensive set of features and capabilities to collect, analyze, and curate data at the OT edge. SynSaber was purpose-built to bring edge visibility to industrial networks (oil and gas, water and electric utilities, advanced manufacturing) so that organizations can deploy and scale rapidly, integrate with current technology, and detect threats to protect business-critical assets.

_"SynSaber partners with some of the most important critical infrastructure operators in the nation to protect and provide visibility into how ICS/OT assets are exposed to potential cyber attacks,"_ said Jori VanAntwerp, Co-Founder/CEO of SynSaber. _"With our latest update to the platform, customers are now able to extend visibility and flexibility throughout the organization for cybersecurity to act as a business continuity vehicle and empower operators and asset owners to prevent any operational disruption."_

**Dynamic Pipeline** **'s Key Benefits:**

*   Users can modify data sources, processors, and destinations in real-time, enabling **dynamic configuration changes**without interruption to visibility.
*   Pipeline configuration can be modified and deployed within SynSaber's **visual-based interface.**

The ability to dynamically configure Saber sensors from a visual-based interface allows for greater control and ease of access. In addition to the improved scalability and flexibility the dynamic pipeline provides, the v1.1.0 update includes enhancements to some of the existing features from SynSaber version v1.0.0.

These feature improvements include:

*   **Custom flow module** enables near real-time processing and analysis of data and asset identification.
*   **Improved Syslog support** allows fast and efficient communication with existing infrastructure and technologies.

To see the dynamic pipeline and SynSaber v1.1.0 in action, schedule a demo or visit SynSaber founders at an upcoming event — Oct. 20-21: HouSecCon (Houston, TX); Nov. 2-3: FL Public Power Cybersecurity Summit (Orlando, FL); Nov. 8-9: Co-op Cyber Tech (Washington, DC); and Dec. 9: SANS ICS Consequence-Driven Incident Response Solutions Forum (Virtual event).

**About SynSaber  
**SynSaber is the simple, flexible, and scalable industrial asset and network monitoring solution that provides continuous insight into the status, vulnerabilities, and threats across every point in the industrial ecosystem, empowering operators to observe, detect and defend OT/IT systems and protect critical infrastructure. SynSaber is privately held with funding from SYN Ventures, Rally Ventures, and Cyber Mentor Fund. Learn more at SynSaber.com.

SynSaber Adds New Dynamic Pipeline to OT Cybersecurity Platform

Surprisingly poor cross-team collaboration leads to mismanaged SaaS, wasted money and time.

NEW YORK — (BUSINESS WIRE) — Torii, creator of the #1 Automated SaaS Management Platform (SMP), today released “The State of SaaS At Work Report: Collaboration in a Distributed Workplace.” It reveals that most (60%) IT pros are in the dark when it comes to understanding their cloud app ecosystem, and only a small fraction collaborates with other key teams on controlling costs, securing data, and responding to changing business conditions. It also finds tremendous dissonance between how well IT thinks they’re working with other teams to manage distributed SaaS, and how poorly they actually are.

“SaaS is the ultimate team sport. Everyone from IT, procurement, and lines of business, to finance and security plays an important role in acquiring and managing cloud apps. But in many businesses, the team is dysfunctional. People operate in silos with limited information, no single source of truth, and woefully inadequate collaboration. The only possible outcomes from this are wasted money on apps and licenses, wasted time, and loss of agility,” said Uri Haramati, CEO of Torii. “In today’s distributed, cloud-powered workplaces, businesses can’t afford substandard SaaS management. As Torii’s State of SaaS at Work report makes clear, a new approach to distributed SaaS management rooted in collaboration, transparency, and empowerment is urgently needed.”

**Key Findings from the Torii State of SaaS at Work Report**

Cloud apps are incredibly easy for any employee to trial, purchase, and integrate without ever communicating with IT. Scattered app ownership and data further decentralizes what are now largely distributed organizations, undermining productivity and competitiveness. As cloud application usage increases everywhere, it's critical for IT teams and stakeholders throughout the company to actively participate in managing their cloud applications and spend, together.

**Collaboration Dissonance  
**While some collaboration happens between IT, finance, security, procurement, and HR, it's not happening nearly as often as it should. While 90% of IT leaders praised their collaboration with other teams around SaaS management, in actuality only 20% do so with any regularity, and just 5% collaborate on the majority of business-critical tasks.

**Procurement and Finance are underutilized IT resources  
**Only 14% of IT leaders reported working frequently with finance and procurement teams. But ongoing collaboration and data sharing are essential for minimizing costs, eliminating under-utilized licenses, and surfacing the app usage and cost data needed for continuous spend management and successful contract negotiations.

**Businesses aren’t being proactive enough against Shadow IT  
**Only 20% of respondents work with security and/or compliance often enough to help them discover and derisk unknown applications. Without a complete view of their entire SaaS stack and users, businesses can’t secure sensitive data, ensure authorized access, or meet compliance requirements.

**Access the full report  
**Torii queried 300 IT leaders about the effects of decentralized app purchasing on collaboration and SaaS management. For additional survey findings and implications, access Torii’s complimentary “State SaaS at Work: Collaboration in a Distributed Workplace” report, here.

**About Torii  
**Torii is the #1 Automated SaaS Management Platform (SMP) for today’s increasingly distributed businesses. Unlike conventional tools, Torii empowers an organization’s entire business to come together around their cloud apps and stay in perfect sync as their tech stack evolves. This accelerates innovation and agility, while eliminating millions of dollars in wasted licenses, hundreds of hours spent on manual operations, and protecting sensitive data flowing through known and Shadow IT apps. Torii’s global customers include Carrier Corporation, Instacart, Bumble, Athletic Greens, Palo Alto Networks, and Payoneer. Torii is backed by leading venture capital firms including Tiger Global Management, Wing Venture Capital, Global Founders Capital, Uncork Capital, Entree Capital, and Scopus Ventures. Learn more at www.toriihq.com and follow on Twitter @Torii\_hq or LinkedIn.

New Torii Report Finds 60% of IT Leaders Don’t Know What Apps They Have

HP enhances HP Wolf Security portfolio to stop attackers hijacking privileged access to sensitive data.

PALO ALTO, Calif, October 20, 2022. —– HP Inc. (NYSE: HPQ) today announced enhancements to its HP Wolf Security endpoint protection portfolio, with the launch of Sure Access Enterprise (SAE). SAE protects users with rights to access sensitive data, systems, and applications. It prevents attackers from hi-jacking these privileged sessions – even if the users’ endpoint device is compromised, the access to high value data and systems can remain secure. This stops minor endpoint breaches turning into major security incidents.

Available for both HP and non-HP devices, SAE leverages HP’s unique task isolation technology to run each privileged access session within its own, hardware-enforced virtual machine (VM). This ensures the confidentiality and integrity of the data being accessed, isolating it from any malware in the endpoint operating system. Users are free to conduct privileged, non-privileged, and personal activities securely from one machine. This improves user experience, reduces IT overheads, and enhances protection.

“Gaining access to a privileged users’ device is a critical step in the attack chain. From here, an attacker can scrape credentials, escalate privileges, move laterally, and exfiltrate sensitive data.” comments Ian Pratt, Global Head of Security for Personal Systems at HP Inc. “Sure Access Enterprise is a unique solution that prevents this escalation, thwarting attackers.”

Organizations have several types of users that need to access privileged data, systems, and applications daily. These users range from IT administrators, IoT and OT support staff, through to customer support and finance teams. Allowing these users to perform privileged and non-privileged tasks on the same PC comes with considerable risk. Even if a Privileged Access Management (PAM) system is used to control access to privileged systems, attackers can potentially still usurp privileged sessions, steal sensitive data and credentials, or insert malicious code and commands (e.g., via injected keystrokes, clipboard capture, or memory scraping) if the endpoint is compromised. Traditional best practice has been to issue privileged users with separate dedicated Privileged Access Workstations (PAW) that are used solely for privileged tasks. However, this inconveniences users and increases IT overheads purchasing and managing two systems.

SAE uses advanced hardware-enforced virtualization to create protected VMs that are isolated from the desktop operating system and hence cannot be viewed, influenced, or controlled by it. Thus, confidentiality and integrity of the application and data inside the protected VM can be assured, without the operational cost and complexity of issuing a separate PAW.

“By isolating tasks in protected VMs, which are transparent to the end user, Sure Access Enterprise breaks the attack chain,” continues Pratt. “As well as protecting System Administrators accessing high-value servers, SAE can be used to protect other sensitive assets – for example, protecting credit card details accessed by customer support at a retailer, patient data access at a healthcare provider, or connections to an Industrial Control System at a manufacturer.”

Sure Access Enterprise is available now and features:

*   **Strong Integrations** with Privileged Access Management (PAM) solutions (e.g., CyberArk, BeyondTrust), IPSec remote access tunnels and Multifactor Authentication (MFA).
*   **Centralized Management** to enable separation of duties and flexible policy options – such as locking connections to specific PCs or users or requiring HP Sure View activation for privacy.
*   **Hardware root of trust**, supported by the latest Intel® technologies, to prevent malware from bypassing security controls
*   **Encrypted, tamper-resistant session logging** to track access, without recording sensitive data or credentials, easing compliance.

To learn more, visit: https://www.hp.com/uk-en/security/endpoint-security-solutions.html

About HP  

HP Inc. is a technology company that believes one thoughtful idea has the power to change the world. Its product and service portfolio of personal systems, printers, and 3D printing solutions helps bring these ideas to life. Visit http://www.hp.com.

About HP Wolf Security

From the maker of the world’s most secure PCs and Printers, HP Wolf Security is a new breed of endpoint security. HP’s portfolio of hardware-enforced security and endpoint-focused security services are designed to help organizations safeguard PCs, printers, and people from circling cyber predators. HP Wolf Security provides comprehensive endpoint protection and resiliency that starts at the hardware level and extends across software and services.

HP Launches Sure Access Enterprise to Protect High Value Data and Systems

Achieving basic IT hygiene is 99% of the game.

As your company's chief information security officer (CISO), you're responsible for IT and corporate security, as well as the safety and security of company data and assets. You navigate a fraud landscape of ever-changing and newly emerging threats, while analyzing, prioritizing, and communicating these threats to others at the C-level table. If security risks and vulnerabilities are not properly prioritized at an organizational level, your company is more vulnerable to breaches, hacks, and threats.

**A One-Stop "What If" Catalog of Risks**

Your risk register should serve as a standardized framework — a "what if" manual that includes current and potential security risks and how they could impact the organization. This risk register should identify threats, outline the probability they will affect your company, and illustrate the overall potential impact — and it should be continually updated. This inventory of risks may include risk description, cause, result, likelihood, outcome, and mitigation actions, all customized to your organization. Break out your risk register into sections that map to different business units and stakeholders (infrastructure, internal systems, physical security, etc.) and detail how each may be affected by various threats.

How do you decide what goes into your risk register? Much of that depends on your company's cybersecurity posture, identified risks, and potential risks. However, there are some general guidelines to keep in mind.

**1\. Zero trust is a must.**

Yes, hybrid work accelerates fraud. Many new technologies have come to the forefront as companies adapt and adjust to facilitating remote work for their teams scattered across the globe. We now live in an environment of heightened risk, new types of threats, and constant alerts. It's been a year since President Joe Biden issued a cybersecurity executive order outlining the importance of adopting a zero-trust cybersecurity approach, yet only 21% of critical infrastructure organizations have adopted such a zero-trust security model.

Zero trust is something security teams have been talking about for a few years. Think about how the "business perimeter" has changed with multiple teams, multiple devices, and multiple locations. Historically, many thought of zero trust as "trust, but verify." The new zero trust: "check, check again, then trust in order to verify." This means validating every single device, every single transaction, every single time.

**2\. Plan "outside the lines" when it comes to business continuity, disaster recovery, and potential cyberattacks.**

As you construct your risk register, there are remote workplace-specific items to keep in mind. Of course, you want to put security measures in place that will minimize downtime for employees. Bolster your identity and access management via methods such as multifactor authentication. Ensure corporate data is encrypted to prevent sensitive data from getting into the wrong hands. Also, consider current world events, global economic forecasts, and even unpredictable natural disasters, and how each may affect your company's operations.

**3\. Mind the gaps.**

The rise of remote work has corresponded with a rise in shadow IT — those devices, software, and services that employees adopt without IT department approval. The number of software-as-a-service (SaaS) apps running on corporate networks averaged three times the number that IT departments were aware of in 2022.

Here's the problem: You can't protect what you can't see. Shadow IT can introduce information security vulnerabilities in the way of data leaks, compliance violations, and more. As you enable your remote workforce to be more flexible in how they work, visibility should be top of mind. This is, of course, in addition to tightening up identity and access management across the board and doubling down on zero-trust policies.

You should be having continuous conversations with stakeholders to stay one step ahead of shadow IT and application sprawl. Consider creating policies that open a dialogue with IT and the rest of the company. These policies could also encourage employees to go to IT if they want to request a new application.

**4\. Seek the highest common compliance denominator.**

The current global data protection landscape is an ever-changing one, with several regulations, compliance initiatives, frameworks, and mandates (GDPR, FIPS, ISO 27001, SOC, FedRAMP, and more). And there are also country-, region-, and state-specific mandates, such as Brazil's General Data Protection Law and the California Consumer Privacy Act (CCPA).

So, how can you ensure your organization is compliant? Look for the highest common denominator across various regulations. Take bits and pieces from different mandates, regulations, and guidelines and wrap them into your own company's unique framework. You may take some regulations from the EU's General Data Protect Regulation (GDPR) that are more stringent, while taking other tougher regulations from Brazil's law. This way, you adhere to the highest levels of data privacy regulations in real time while supporting your global customer base.

**A Final Word About Basic IT Hygiene**

As you consider the guidelines above, remember this: If you properly patch your machines, keep a close eye on configuration management, and add/remove users in a timely manner, you are mostly there. Even though there will always be new challenges to address (new government mandates, compliance updates, potential security risks), achieving basic IT hygiene is 99% of the game.

Are You a CISO Building Your Risk Register for 2023? Read This First

Compliance activities are often viewed as frustrating but necessary. That's an understandable view as teams often have to apply a set standard to existing systems and figure out how to collect enough evidence to answer an audit.

Compliance activities are often viewed as frustrating but necessary. That's an understandable view as teams often have to apply a set standard to existing systems and figure out how to collect enough evidence to answer an audit.

That work requires a lot of documentation, verification, and digging up answers to questions long forgotten. Approaching compliance in this way — while common — does your security practice a disservice.

Let's ignore the word "compliance" for a bit. Can you answer this deceptively simple question: "Is your security practice doing what you think it is?"

Are the controls you've rolled out effective? Do other teams follow the appropriate process for changes? Can you follow a transaction across your systems to respond to an incident?

**Are We Supposed to Test?**

One area with a shocking lack of attention is testing, and that's probably because testing in development is always a challenging balance of effort vs. return. But at least within the build process, it's accepted that code and integrations must be tested.

When was the last time you saw a standardized regular security control test?

At best, teams will engage in a penetration test or a red-team exercise. While these are often a heavy lift, they often generate excellent results, even if they take a significant investment of resources and time. Unfortunately, you won't see that level of effort applied for each and every deployment to production.

If we keep digging, we'll find teams that do, in fact, have some testing integrated into the CI/CD pipeline. Vulnerability scanning and infrastructure-as-code (IaC) template scanning are the most common tools implemented here.

Vulnerability scanning aims to find known vulnerabilities in out-of-date software. These issues can often be addressed by updating code dependencies, applying a path to update key software, or rolling out a mitigating control elsewhere in the infrastructure.

IaC template scanning is looking for potential issues _before_ they hit production. Misconfigured permissions, gaps in logging, unencrypted connections, and other issues can be addressed by builders much easier at this stage when compared to addressing them in production.

But these two steps are often the end of any security testing. Why is that?

**Too Many Competing Priorities**

One simple answer is that it just usually isn't done. Security testing typically happens when evaluating a control or process but after that, the assumption is that it continues to work.

If you shuddered a bit at "assumption," you should. As a community of practice, if we want to keep our tin foil hats, testing should be top of mind.

Nothing is ever that simple, though. Testing security controls can be tricky, which makes figuring out how to automate tests even more challenging for teams that historically don't have a deep bench for development activities.

With the move to the cloud, the barrier to security testing has dropped significantly. We've seen the first steps with the inclusion of vulnerability and IaC scanning inside the CI/CD pipelines used by development teams.

It's time for security teams to implement regular testing not only in the build pipeline but in production.

**Simple Wins the Day**

Testing doesn't have to be complicated. Simple checks will go a long way.

Validating that a security group actually prevents access from unlisted IP blocks, verifying access for users and systems, making sure that logs are being written to the correct location, and other tests are a good place to start.

These basic checks provide a safety net beyond vulnerability and IaC scanning to verify that your security controls and processes are working as expected.

**What About Compliance?**

The bonus? That type of testing and verification _is_ compliance. When you peel back the layers, compliance activities are really just proving that you are doing what you said you were going to do.

Organize the results of these tests with compliance audits in mind, and you're doing the work as you go. That's continuous compliance. If you and your team can build that habit, it not only improves your day-to-day security practice, it will greatly simplify your compliance work as well.

This isn't a different approach to compliance; it's just a different way to look at it. Hopefully, it's a perspective that helps you understand the value.

Your next steps are to start to build and automate these simple tests, roll out tools such as vulnerability and IaC scanning, and start practicing continuous compliance.

**About the Author**

    

I'm a forensic scientist, speaker, and technology analyst trying to help you make sense of the digital world and it's impact on us. For everyday users, my work helps to explain what the challenges of the digital world. Just how big of an impact does using social media have on your privacy? What does it mean when technologies like facial recognition are starting to be used in our communities? I help answer questions like this and more. For people building technology, I help them to apply a security and privacy lens to their work, so that they can enable users to make clearer decisions about their information and behavior. There is a mountain of confusion when it comes to privacy and security. There shouldn't be. I make security and privacy easier to understand.

Source

DARKReading